Version 6 2005Q4
These Release Notes contain important information available at the time of release of Sun JavaTM System Communications Services Delegated Administrator 6 2005Q4. New features and enhancements, known issues and limitations, and other information are addressed here. Read this document before you begin using Delegated Administrator 6 2005Q4.
These release notes contain the following sections:
Date |
Description of Changes |
---|---|
September 30, 2005 |
Updated known issues, problems fixed in this release, compatibility issues. |
April 4, 2005 |
Added information about new features, installation requirements, requirements. |
Sun Java System Communications Services Delegated Administrator enables you to provision organizations (domains), users, groups, and resources in an LDAP directory used by Communications Services applications such as Messaging Server and Calendar Server.
The Delegated Administrator tool has two interfaces:
A utility (a set of command-line tools) invoked with the commadmin command.
A console (a graphical user interface) accessible through a Web browser.
Online help in the Delegated Administrator console describes how administrators can use the GUI to provision users in an LDAP directory.
For information about configuring and managing Delegated Administrator, and for a description of the commadmin command-line tools, see the Sun Java System Communications Services 6 2005Q4 Delegated Administrator Guide.
With Communications Services Delegated Administrator, you can provision users in an LDAP Schema 2 directory only. To provision Messaging Server users in an LDAP Schema 1 directory, you must use iPlanet Delegated Administrator, a deprecated tool.
The Delegated Administrator 6 2005Q4 release implements the following new features:
The Delegated Administrator console supports provisioning for Calendar Server.
In earlier releases, only the Delegated Administrator utility (commadmin ) supported Calendar Server.
The following console features implement support for Calendar Server:
Service packages with Calendar service can be allocated to organizations and assigned to users.
You can create and manage Calendar resources in the console.
You can create and manage groups in the console. Groups can have mail service (mailing lists), used by Messaging Server.
Service packages provide additional features and flexibility:
New types of service packages have been implemented. In addition to service packages for mail users, there are now service packages for calendar users and mail groups.
Services can be combined in a single service package. One type of service package provides both mail service and calendar service for users.
When you allocate or assign a service package, the Allocate or Assign Service Package wizard allows you to furnish specific values for service-related attributes. The specified values override the values in the service package itself for the target user, group, or organization.
The Delegated Administrator console’s interface has been improved. For example, the following enhancements have been made:
In the organization view, a second row of tabs has been added. By selecting these tabs, you can display lists of users, groups, Calendar resources, service packages, or properties. In the previous release, lists of users, service packages, and properties were displayed by means of drop-down lists.
You are not required to assign a service package to each user or group. In the previous release, a service package had to be assigned to each user.
This section describes the following platform, client product, and additional software requirements for this release of Delegated Administrator:
After you use the Sun Java System Installer to install Sun Java System Communications Services Delegated Administrator 2005Q4, it is recommended that you download and install the latest patch for Delegated Administrator.
Go to http://sunsolve.sun.com and select either “Patches” or “Patch Portal”. The current patch number for Delegated Administrator is:
119777
119778
119779
Check the SunSolve site for more information about the patch for Delegated Administrator.
This release supports the same platforms supported by Messaging Server, Calendar Server, and other Java Enterprise System components.
Specifically, this release supports the following platforms:
Solaris 10 Operating System (SPARCTM and x86 Platform Editions) including Zones Support
Solaris 9 Operating System Update 2 (SPARC and x86 Platform Editions)
Solaris 8 Operating System (SPARC Platform Edition)
Red Hat Linux 2.1 Update 2 (or later updates)
Red Hat Linux 3.0 Update 1 (or later updates)
For detailed information about Solaris and Linux requirements, including required upgrade patches and kernel versions, see the Sun Java Enterprise System Installation Guide and Sun Java Enterprise System Release Notes .
The following Java Enterprise System components, tools, and LDAP schema version are required for this release of Delegated Administrator:
Directory Server 5.x
Access Manager 6.2 or higher
Either Messaging Server 6 or Calendar Server 6, or both.
For information about requirements for Messaging Server, see Chapter 2, Sun Java System Messaging Server 6 2005Q4 Release Notes
For information about requirements for Calendar Server, see Chapter 1, Sun Java System Calendar Server 6 2005Q4 Release Notes
Java Enterprise System Web container. You must deploy Delegated Administrator to one of the following Web containers:
Sun Java System Web Server 6.1 or higher
Sun Java System Application Server 7.x
Sun Java System Application Server 8.x
Directory Server Preparation Tool (Setup script): comm_dssetup.pl version 6.3–2.03
This version of comm_dssetup.pl is provided when you use the Java Enterprise System 2005Q4 Installer to install Directory Server.
LDAP Schema 2. This release of Communications Services Delegated Administrator is designed for provisioning users in an LDAP Schema 2 directory.
For information about requirements for Directory Server, Access Manager, Web Server, and Application Server, see the current release notes for these products.
For installation instructions for the Java Enterprise System components listed in this section, see the Sun Java Enterprise System Installation Guide.
The memory and disk space requirements for Delegated Administrator are the same as those of the Web container to which Delegated Administrator is deployed.
For information about the Web container’s hardware requirements, see the current release notes for this Java Enterprise System component.
The Delegated Administrator console requires a JavaScript-enabled browser. For optimal performance, Sun recommends the browsers listed in Client Software Requirements:
Table 4–2 Delegated Administrator Console Browser Recommendations
Browser |
Windows XP |
Windows 2000 |
Solaris |
---|---|---|---|
NetscapeTM Navigator |
7.2 or later |
7.2 or later |
7.2 |
Microsoft Internet Explorer |
6.0 SP1 or later |
6.0 SP1 or later |
NA |
MozillaTM |
1.4 or later |
1.4 or later |
1.4 or later |
For a general summary of the steps required to install and configure Delegated Administrator, see “Chapter 2: Planning for Installation and Configuration” in the Sun Java System Communications Services Delegated Administrator Guide.
It is recommended that you download and install the latest patch for Delegated Administrator.
The following procedure summarizes the steps you should take to install Delegated Administrator.
Run the Java Enterprise System Installer to install Delegated Administrator 2005Q4.
Go to http://sunsolve.sun.com and select either “Patches” or “Patch Portal”. The current patch number for Delegated Administrator is:
119777
119778
119779
Install the patch before you run the Delegated Administrator configuration program, config-commda.
Run the Directory Server Preparation Tool (Setup script), comm_dssetup.pl.
Configure Delegated Administrator by running the configuration program, config-commda.
The patch includes the following features:
Recent fixes to known issues.
A preparatory, “skeleton” ldif file enables you to create your own customized Class-of-Service templates.
.
The sample Class-of-Service templates are now stored in a new location in the directory.
The current release of the Sun Java System Communications Services 6 2005Q4 Delegated Administrator Guide describes how to create your own service packages.
Check the SunSolve site for more information about the patch for Delegated Administrator.
For large-scale installations with Access Manager, Messaging Server, and an LDAP Schema 2 directory, you might want to consolidate the Access Control Instructions (ACIs) in your directory.
When you install Access Manager with Messaging Server, a large number of ACIs initially are installed in the directory. Many default ACIs are not needed or used by Messaging Server. You can improve the performance of Directory Server and, consequently, of Messaging Server look-ups, by consolidating and reducing the number of default ACIs in the directory.
For information about how to consolidate and discard unused ACIs, see “Appendix D: ACI Consolidation” in the Sun Java System Communications Services Delegated Administrator Guide.
The following table lists the known incompatibilities between Communications Services Delegated Administrator 6 2005Q4 and earlier versions.
Incompatibility |
Impact |
Comments |
---|---|---|
Access Manager now has two install types: Realm Mode (version 7.x style) and Legacy Mode (version 6.x style). Legacy Mode is the default. |
At installation, you must choose Legacy Mode as the install type on the following panel: Access Manager: Administration (1 of 6) |
If the Realm Mode install type of Access Manager is installed, you will not be able to run Delegated Administrator. |
Upgrading Access Manager from version 6.x to 7.0 (Java ES Release 4) without upgrading Delegated Administrator to version 6 2005Q4 (Java ES Release 4). |
In the Delegated Administrator console or utility, user creation with mail or calendar service will fail. |
A workaround is available. For details, see Installation, Upgrade, and Configuration. |
There are no documentation updates for this release of Delegated Administrator.
Known Issues Fixed in This Release describes the bugs fixed in Delegated Administrator 2005Q4.
Table 4–3 Known Issues Fixed in Delegated Administrator
Problem Number |
Description |
---|---|
6263204 |
Use jdapi-wildorgsearchmaxresults and jdapi-wildusersearchmaxresults for all searches. |
6251950, 6230702 |
On the User Properties page, you cannot uncheck the Forward box, select the Local Inbox, and save the modification. |
6236566 |
The logger.properties file is referenced to the wrong path on Linux. |
6216904 |
Log-in performance is slow for a TLA logging in to Delegated Administrator in a directory deploying a very large number of organizations. |
6211658 |
Service-package filter causes logout. |
6206797 |
The commadmin domain purge command does not purge calendar resources. |
6206196 |
Cannot access the "All Service Packages" and "Properties" tabs. |
6202370 |
In traditional and simplified Chinese, missing online help in the sub-window for creating new organizations or new users. |
6201571 |
Cannot save a user name with a language option. |
6201234 |
There are only four preferred languages to select when you are creating a new organization. |
6200351 |
A TLA or SPA cannot update the “Alias Names for Domain:” text field for a shared organization. |
6198788 |
Broken help links in European and Japanese languages. |
6198361 |
If you remove all Service packages from a user in an organization and then assign a new Service package from the Service Packages page, the new Service package assignment fails. |
6190486 |
Removing a Service package from an organization causes the following message to be displayed: “No changes in service packages allocation.” |
6182985 |
The Shared Organization window does not display available domain names to the Service Provider Administrator. |
6177996 |
The Organization Administrator (OA) of an organization with a name that uses non-ascii characters sees a null pointer exception (NPE). |
5069133 |
The commadmin create resource command does not have a mandatory mail option that supports the Calendar Server csresource utility. |
5030030 |
Configuration program, config-commda, is not localized. |
This section describes known issues in Communications Services Delegated Administrator. The section includes the following topics:
When you upgrade from Application Server 7.x (Java ES Release 2) to Application Server 8.x (Java ES Release 4) and then upgrade to Delegated Administrator 6 2005Q4 (Java ES Release 4), Delegated Administrator fails to redeploy to the upgraded Application Server. (6319257)
After an upgrade to Application Server 8.x, applications such as Delegated Administrator are automatically redeployed to a non-DAS server1 instance. To maintain compatibility, the non-DAS instance runs on the same port as the previous release of Application Server.
However, Delegated Administrator uses the deploydir command to deploy to Application Server. In Application Server 8.x, the deploydir command only works on DAS instances. Delegated Administrator cannot be deployed to the non-DAS instance.
Workaround
After you have upgraded to Application Server 8.x, take the following steps:
Modify the following Access Manager configuration properties file:
/opt/SUNWam/lib/AMConfig.properties |
by replacing the following line:
com.sun.identity.webcontainer=IAS7.0 |
with
com.sun.identity.webcontainer=IAS8.1 |
Before you run the Delegated Administrator configuration program, undeploy the /commcli and /da web applications from the server1 instance in the upgraded Application Server. Run the following commands:
/opt/SUNWappserver/appserver/bin/asadmin undeploy --secure=false --user admin --password xxxx --target server1 commcli |
/opt/SUNWappserver/appserver/bin/asadmin undeploy --secure=false --user admin --password xxxx --target server1 da |
Run the Delegated Administrator configuration program, config-commda. When you are prompted for the Access Manager host and port, specify the port for the DAS server instance.
Specify the DAS server instance, even though Access Manager is running on the non-DAS server1 instance.
When the config-commda program asks you where to deploy the Delegated Administrator console and Delegated Administrator server, specify the DAS server information, not the server1 information.
If you already have configured Delegated Administrator with the server1 port (if you have already run config-commda), modify the port information (to specify the DAS port) in the following two files:
/opt/SUNWcomm/config/cli-usrprefs.properties /var/opt/SUNWcomm/da/WEB-INF/class/com/sun/comm/da/resource/ daconfig.properties |
After you run config-commda, log in to the Application Server console. Copy all Access Manager library paths in the JVM settings for classpath-prefix and classpath-suffix entries from the server1 instance to the server instance. You can perform this task by copying the paths in the server1 domain.xml file to the server domain.xml file.
The Delegated Administrator configuration program allows you to enter invalid values in the Domain Separator field. (6310711)
In the configuration program, config-commda, you can enter invalid characters such as ^ in the Domain Separator field. You cannot log into the Delegated Administrator console using a login ID with the invalid domain-separator character.
Workaround:
Edit the value of the commadminserver.domainseparator property in the daconfig.properties file, located in the following default path:
/var/opt/SUNWcomm/da/WEB-INF/classes/ com/sun/comm/da/resources/daconfig.properties |
Use a valid value such as @, -, or _.
Upgrading to Access Manager 7.0 without upgrading to Delegated Administrator 6 2005Q4 (Java ES Release 4) will cause user creation to fail. (6294603)
When you upgrade to Java Enterprise System Release 4, if you upgrade Access Manager from version 6.x to 7.0 but do not upgrade Delegated Administrator to version 6 2005Q4 (Java ES Release 4), user creation with mail or calendar service will fail.
Workaround:
Update the UserCalendarService.xml file, located by default in the following directory:
/opt/SUNWcomm/lib/services/UserCalendarService.xml |
In the UserCalendarService.xml file, mark the mail , icssubcribed, and icsfirsdayattributes as optional instead of required.
In Access Manager, remove the existing xml file by running the amadmin command, as in the following example:
amadmin -u amadmin -w netscape -r UserCalendarService |
In Access Manager, add the updated xml file, as in the following example:
amadmin -u amadmin -w netscape -s /opt/SUNWcomm/lib/services/UserCalendarService.xml |
Restart the Web container.
The Delegated Administrator configuration program (config-commda) can be slow if a very large number of organizations are deployed in the directory. (6219610)
If the directory contains a very large number of organizations (50,000 or more), the Delegated Administrator configuration program (config-commda) can take a long time to complete. Performance of administrative tasks related to Access Manager is slow.
Workaround
Create a pres,eq index on the ou attribute.
Values in the resource.properties files are overwritten when Delegated Administrator is reconfigured with the config-commda program. (6218713)
If you configure an existing, configured installation of Delegated Administrator by running the config-commda program again, the properties in the resource.properties file are reset to their default values.
For example, if you previously set the following properties to these values:
jdapi-wildusersearchresults=50
jdapi-wildorgsearchresults=10
and then run config-commda, these properties would be reset to their default values, as follows:
jdapi-wildusersearchresults=-1
jdapi-wildorgsearchresults=-1
This issue is of concern only if you have changed the Delegated Administrator configuration (if you have enabled plug-ins or modified the values of any properties in the resource.properties file).
Workaround
If you need to upgrade Delegated Administrator, or if you need to rerun the config-commda program for any other reason, you can preserve your existing configuration by taking the following steps:
Back up the resource.properties file.
The resource.properties file is located in the following default path:
da_base/data/WEB-INF/classes/sun/comm/cli/server/servlet/ resource.properties |
Run the config-commda program.
Edit the new resource.properties file created by the config-commda program, as follows:
(The new file is located in the default path shown in 1. Back up the resource.properties file, above.)
a. Open the new resource.properties file.
b. Open your back-up copy of the resource.properties file.
c. Locate the properties that were customized in the back-up copy. Apply the customized values to the corresponding properties in the new resource.properties file.
Do not simply overwrite the new resource.properties file with the entire back-up copy. The new file may contain new properties created to support this release of Delegated Administrator.
If you make the root suffix a domain, Delegated Administrator functions do not work. (6321748)
By default, when Access Manager is installed, the root suffix is not installed as a domain. That is, the root suffix does not contain the sunPreferredDomain attribute. If the root suffix is turned into a mail domain, problems occur in Delegated Administrator.
Workaround
Use the same default domain that you set up for Messaging Server. If you have not installed Messaging Server, make sure that the default domain is created one level below the root suffix in the DIT.
When you create a group with no services using the command-line utility (commadmin group create) and then assign a service package to the group in the Delegated Administrator console, you are not prompted to enter any Mail Service details. (6317925)
This issue occurs when you create a group with commadmin group create without adding any services to the group, and then use the Delegated Administrator console to assign a service package to the group. You can assign a mail service package to the group using the Assign Service Package wizard, but you are not prompted to enter information in the Mail Service Details panel. A message informs you that the mail service package was assigned successfully. If you open the group's Properties page, the group members are listed, but you cannot edit these fields or enter an email address for the group.
Workaround
Use the commadmin group modify command to add mail service and an email address to the group. For example:
./commadmin group modify -D <TLA> -w <TLA_password> -G Group0 -S mail -E Group0@<domain> -d <domain> |
Attributes passed with the —A option of the commadmin command are ignored if the command also calls an input file containing attributes passed with —A. (6317850)
This issue occurs if you run a commadmin command such as this one:
./commadmin user create -D tla -w pass -d <domain> -F test -L User -W pass -i /tmp/comm.in -A preferredlanguage:es |
and the input file, comm.in, contains attributes passed with the -A option. The result is that the -A option in the command line is ignored. In the example shown above, the preferredlanguage:es is not added.
Workaround
If any attributes are passed in the input file with the -A option, pass all values of -A in the input file. Do not also use -A in the command line.
An Organization Administrator (OA) can remove himself as an OA by modifying the organization Properties page. (6314711)
If you log into the Delegated Administrator console as an OA, you can go to the organization's Properties page and remove yourself from the list of users with OA rights. No error occurs, and you can continue using the console. You should either be unable to remove yourself as an OA or be logged out as soon as you remove yourself.
An inappropriate error message is displayed when you use a domain name that conflicts with the name of a deleted domain. (6309418)
This issue occurs if you create an organization with a domain name that is the same as the name of a deleted domain. (The organization name is different than the name of the deleted organization.) The following error message appears: Attribute uniqueness violated.
Workaround
Specify a new domain name.
The Delegated Administrator console writes icsAllowRights values to the directory that are different than the values documented in the Schema Reference. (6308579)
This issue occurs when you set Advanced Rights in an organization that has Calendar service allocated to it. If you open the Properties page for the organization, navigate to the Calendar Service section, and click the Advanced Rights button, the Advanced Rights properties are displayed. These properties are stored with the icsAllowRights attribute in the directory.
In the Delegated Administrator console, if you set the Advanced Rights properties to “No,” the icsAllowRights value in the directory is saved as 0. However, the Schema Reference documents that the value 0 means that the property is allowed.
Note also that the Advanced Rights properties in the Delegated Administrator console are set to “No” by default, even if these values conflict with the corresponding values in the ics.conf file. The values set by Delegated Administrator override the values in the ics.conf file.
When you use commadmin group create to create a group, you can add only one dynamic membership filter (LDAP URL) with the —f option. (6303551)
The commadmin group create command allows you to use the -f option multiple times to construct dynamic membership filters (LDAP URLs) for the group. However, only the last filter is saved in the LDAP directory.
Workaround
Run the commadmin group modify command multiple times, once for each filter you wish to add.
When you add Dynamic members to a group In the Delegated Administrator console, you cannot test a manually constructed LDAP URL. (6300923)
When you create a new group and add dynamic members to the group, you can either manually construct an LDAP URL or use the fields available in the drop-down menus to construct the LDAP URL. If you use the drop-down menus, you can click the Test LDAP URL button. If you manually construct the LDAP URL, this feature is disabled.
Using the browser's Back button in the Delegated Administrator console can cause unexpected pages to be displayed. (6292610)
Workaround
Navigate only by using the tabs and navigation links provided on the page itself.
The number of service packages assigned to groups in an organization can exceed the number allocated to that organization. (6285713)
After you allocate a specified number of service packages for groups in an organization, you can assign an unlimited number of service packages to the groups in the organization. The allocation limits are not enforced.
For example, if you allocate 20 service packages for groups in an organization, you can assign service packages to more than 20 groups in the organization.
An incorrect error message is displayed when you create a new user with a Login ID that is already in use. (6283567)
When you create a new user with a unique email address but a login ID that is already used, the user is not created (which is the correct behavior), but the following error message is displayed: “Cannot create user — mail address already used.” The error message should say that the login ID is already used.
You cannot create users in a domain that includes an underscore in its name. (6281261)
Workaround
Do not include an underscore in the domain name.
On Linux, you cannot use the commadmin utility to add certain service object classes. (6280807)
This issue occurs when you run commadmin with the -A option to add particular service object classes. For example, if you run the following command:
/opt/sun/comms/commcli/bin/commadmin user modify -D admin -n <domain> -w <password> -p81 -X localhost -d <domain> -l test -A +objectclass:sunportalgatewayaccessservice |
Delegated Administrator is unable to get the service object classes.
Workaround
Manually add the required object class for the user in Directory Server through the Administration Console, or by using the ldapmodify command.
Searching for organizations by service name, service package name, and mail host does not work. (6277314)
In the Organization list page, if you use the drop-down menu to search for organizations by service name, service package name, or mail host, and then enter a search string, the search result includes all organizations.
You cannot create an organization with a comma in the organization name. (6275439)
If you use the Create Organization wizard to create an organization and specify an organization name containing a comma, an error is displayed and the organization is not created.
Workaround
Do not put a comma in an organization name.
If you delete a domain with the commadmin domain delete command, you cannot use commadmin to purge the domain. (6245878, 6203605)
If you use commadmin domain delete to delete an organization with mail service, the inetDomainStatus is set to deleted . If you then use msuserpurge to remove users from the message store and commadmin domain purge to purge the domain, the domain remains in the LDAP directory. The mailDomainStatus value for the domain does not equal removed.
The same issue exists if you use commadmin domain delete to delete an organization with Calendar service, then use csclean to remove the calendar, and then use commadmin domain purge to purge the domain. The icsStatus is not marked as removed in LDAP.
Workaround
Use ldapmodify to set the mailDomainStatus or icsStatus to removed. Then use commadmin domain purge.
The Domain Disk Quota value is lost if you change the Domain status or Mail Service status of a full organization. (6239311)
This problem occurs if you edit a full organization with a Domain Disk Quota value set to any numeric value, and you change the Domain Status or Mail Service Status from Active to any other value (such as Inactive or Hold).
A message indicates that the properties of the organization have been successfully modified, but the value of the Domain Disk Quota field is set to unlimited, and the LDAP attribute (mailDomainDiskQuota) is lost for the organization.
Workaround
This issue is fixed in the latest Delegated Administrator patch. Download the patch, as described in Recommended Patch.
Or: Reset the value of the Domain Disk Quota field and save the properties of the organization again.
No indication when a User, Organization, or Group list page has finished loading. (6234660)
If you click a button while a list page is loading, an error occurs.
While the page is loading, a message asks you to wait. Do not click any buttons or links until the page is ready.
The commadmin user modify command fails if you assign both the sunpresenceuser and sunimuser object classes to a user entry. (6214638)
A newly created user does not inherit the domain’s timezone (TZ). (6206160)
If you create a domain with a non-default timezone, and then create a new user without explicitly using the -T <timezone > option, the user is given the default timezone (America/Denver).
For example, assume you create a domain named sesta with a timezone of Europe/Paris. Next, create a new user in sesta. The user is given the default timezone, America/Denver.
Workaround
When you create or modify a user, pass -T < timezone> explicitly to the commadmin user create or commadmin user modify command.
You need to save the Organization Properties page to successfully add an administrator. (6201912)
If you open the Organization Properties page and assign an administrator role to a specified user, you must then save the Organization Properties page to add the administrator successfully. If you log out after assigning the new administrator, the administrator is not added.
New non-ascii organizations cause an error because the default administrator’s email address cannot be specified. (6195040)
The default administrator’s uid defaults to “admin_ new_organization_name.” If the new organization name contains non-ascii characters, the email address that uses this uid is invalid.
You cannot edit a user’s login ID in this release of Delegated Administrator. (6178850)
If the root suffix name is the same as an organization domain name, the Delegated Administrator utility does not work. (5107441)
If you create the root suffix name that is the same as your domain name (for example, if the root suffix is o=example.com and the domain is example.com), the commadmin utilities do not work.
Workaround
Avoid using the same name for the root suffix and another domain in the directory. (The o=name values must be different.)
The advanced search feature does not return correct results for organizations. (5094680)
This issue occurs if you perform the following steps:
Select the Advanced Search feature.
Select “Organizations” from the drop-down list.
Click the Match All or Match Any radio button.
Select an organization name from the drop-down list.
Enter valid values in the text field.
Click Search.
Instead of returning only the organizations that match the search criteria, Delegated Administrator displays all organizations.
The Summary page in the New Organization wizard does not display all the organization details. (5087980)
When you create a new organization with the New Organization wizard, certain details, such as Disk Domain Quota and Mail Service Status, are not displayed in the wizard’s Summary page.
Cannot modify non-ASCII groups. (4934768)
If a group is created with a group name that contains non-ASCII characters, it cannot be modified with the commadmin group modify command.
For example, if a group with the non-ASCII characters XYZ is specified with the -G option in the commadmin group create command, an email address of XYZ is automatically added to the group’s LDAP entry. Since non-ASCII characters are not allowed in email addresses, modifying the group with commadmin group modify fails.
Workaround
Use the -E email option when creating a group. This option will specify the group’s email address. For example: commadmin group create -D admin -w password -d siroe.com -G XYZ -S mail -E testgroup@siroe.com .
Creating a group with multiple -f options adds only one attribute. (4931958)
If you specify multiple -f options for creating dynamic groups in the commadmin group create command, only the value specified with the last -f option is added to the LDAP entry. The other values are not added.
Workaround
Do not specify the -f option multiple times when using the commadmin group create command.
This section describes Delegated Administrator localization problems.
In the localized Delegated Administrator GUI configuration program, config-commda, the default page size may be too small to display all input fields and field labels properly. (6307209)
Workaround:
If you are using a localized GUI configuration program, config-commda, and any labels or input fields are not visible, resize the dialog in the GUI config-commda to accommodate the longer labels.
You cannot create a domain with a language-tagged welcome message. (6242611)
If you use the commadmin domain create command to create a domain with a language-tagged welcome message (with the -A "mailDomainWelcomeMessage;lang-<language tag>:Subject:<message>" option), the domain cannot be created.
Workaround
First create the domain with the commadmin domain create command. Then use the commadmin domain modify command to add the language-tagged welcome message. For example:
commadmin domain create -D admin -w pass -S mail -H test.<domain> -d i18n.tst |
commadmin domain modify -D admin -w pass -d i18n.tst -A "mailDomainWelcomeMessage;lang-fr:Subject:Test$$Test" |
An error message, “The organization already exists,” is not localized. (6201623)
If you attempt to create an organization with the same name as an existing organization, Delegated Administrator displays the following error message: “The organization already exists.” This message appears in English and is not translated.
This section describes errors or incomplete information in the Delegated Administrator books and online help.
Available Languages list in the User Properties page is not described in the Delegated Administrator console online help. (6307846)
The Available Languages drop-down list allows you to select a language for a language-tagged user name.
From the Available Languages list, select the desired language for the user name. (The Available Languages list is displayed alongside the First Name, Last Name, and Display Name fields.)
Next, enter the first name, last name, and click Save . This enters a language-tagged first name, last name, and common name to the LDAP entry.
For example, if you select German from the Available Languages list, enter Gerard as the first name, and Schroeder as the last name, the following attributes are added to the user's LDAP entry:
givenname;lang-de:Gerard sn;lang-de:Schroeder cn;lang-de:Gerard Schroeder |
Applications that are locale—aware will display this cn if the user's chosen language is German.
The Default option in the Available Languages list corresponds to the mandatory, untagged givenname, sn, and cn attributes.
For a shared organization, Calendar Service Details do not appear in the Create New Organization wizard; this information is not explained in the online help. (6295181)
When you create a shared organization in the Delegated Administrator console, the Calendar Service Details panel does not appear in the Create New Organization wizard. Furthermore, after the shared organization is created, Calendar Service Details do not appear in the shared organization's Properties page.
This is because, when you create a shared organization, the Calendar service attributes are inherited from the shared parent domain. Therefore, you cannot create or display Calendar service information that is unique to the new shared organization.
Only the Top-Level Administrator has the authority to edit the parent domain.
The Delegated Administrator console online help does not explain this behavior.